oval:org.mitre.oval:def:8602

Definition Id: oval:org.mitre.oval:def:8602

Oval ID:	oval:org.mitre.oval:def:8602
Title:	Mozilla Firefox 'window.location' Same Origin Policy Security Bypass Vulnerability
Description:	Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0170	Version:	12
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Mozilla Firefox
Definition Synopsis:
Mozilla Firefox Mainline release is installed AND Mozilla Firefox Mainline version is 3.6.x to 3.6.1

Definition Id: oval:org.mitre.oval:def:22259

Oval ID:	oval:org.mitre.oval:def:22259
Title:	Mozilla Firefox Mainline release is installed
Description:	The browser installed on the system is Mozilla Firefox Mainline release
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:mozilla:firefox	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	Mozilla Firefox
Definition Synopsis:
Check if Firefox Mainline is installed on the system AND Check if HKLM\Software\Mozilla\Mozilla Firefox.*$!Install Directory exists AND Check if channel-prefs.js (Firefox Mainline file) exists
Referenced By:
oval:org.mitre.oval:def:8602